brodit-shop.de XSS vulnerability

2016-08-19T23:18:00
ID OBB:176651
Type openbugbounty
Reporter iwoodythecowboy
Modified 2016-12-07T08:35:00

Description

Vulnerable URL:
http://www.brodit-shop.de/suche.php?step=suchergebnis&suche;=%22%3E%3C/title%3E%27%3E;%3C/script%3E%3Csvg/onload=alert(/OPENBUGBOUNTY/)%3E
Details:

Description| Value
---|---
Patched:| Yes, at 06.12.2016
Latest check for patch:| 06.12.2016 18:17 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 750601
VIP website status:| No
Check brodit-shop.de SSL connection:| (Grade: F)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 19 August, 2016 23:18 GMT
Generic security notifications sent to website owner| 19 August, 2016 23:20 GMT
Vulnerability details disclosed by researcher| 10 September, 2016 00:12 GMT
Vulnerability patched by the website owner| 7 December, 2016 08:35 GMT